feat: 🔐 add support for secret store

Signed-off-by: Tiago Barbosa <tbarbos@hotmail.com>
t1agob · May 16, 2024 · 1be9329 · 1be9329
1 parent eba13ce
commit 1be9329
Show file tree

Hide file tree

Showing 6 changed files with 69 additions and 5 deletions.
diff --git a/.github/workflows/azure-static-web-apps-orange-tree-098987f0f.yml b/.github/workflows/azure-static-web-apps-orange-tree-098987f0f.yml
@@ -27,6 +27,7 @@ jobs:
       - run: |
           kubectl apply -f deploy/cosmosdb-statestore.yaml
           kubectl apply -f deploy/pubsub.yaml
+          kubectl apply -f deploy/secret-store.yaml
 
   build_and_deploy_order_management_service:
     if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')

diff --git a/components/secret-store.yaml b/components/secret-store.yaml
@@ -0,0 +1,13 @@
+apiVersion: dapr.io/v1alpha1
+kind: Component
+metadata:
+  name: secretstore
+  namespace: default
+spec:
+  type: secretstores.local.file
+  version: v1
+  metadata:
+  - name: secretsFile
+    value: secrets.json
+  - name: nestedSeparator
+    value: ":"
diff --git a/deploy/secret-store.yaml b/deploy/secret-store.yaml
@@ -0,0 +1,13 @@
+apiVersion: dapr.io/v1alpha1
+kind: Component
+metadata:
+  name: secretstore
+  namespace: default
+spec:
+  type: secretstores.local.file
+  version: v1
+  metadata:
+  - name: secretsFile
+    value: secrets.json
+  - name: nestedSeparator
+    value: ":"
diff --git a/order-management/secrets.json b/order-management/secrets.json
@@ -0,0 +1,6 @@
+{
+    "pubSubName": "orderpubsub",
+    "newOrderPubSubTopic": "orders",
+    "completeOrderPubSubTopic": "completedorder",
+    "stateStoreName": "statestore"
+}
diff --git a/order-management/src/index.ts b/order-management/src/index.ts
@@ -15,17 +15,36 @@ app.use(cors());
 const daprHost = process.env.DAPR_HOST ?? "http://localhost";
 const daprPort = process.env.DAPR_HTTP_PORT ?? "40100";
 const httpServerPort = process.env.PORT ?? "40000";
-const pubSubName = "orderpubsub";
-const newOrderPubSubTopic = "orders";
-const completeOrderPubSubTopic = "completeorder";
-const stateStoreName = "statestore";
+
+const DAPR_SECRET_STORE = "secretstore";
+let pubSubName = "";
+let newOrderPubSubTopic = "";
+let completeOrderPubSubTopic = "";
+let stateStoreName = "";
+
+let isInitialized = false;
 
 const client = new DaprClient({ daprHost, daprPort });
 
+async function getSecrets() {
+    if(pubSubName === "" || newOrderPubSubTopic === "" || completeOrderPubSubTopic === "" || stateStoreName === "") {
+        pubSubName = JSON.stringify(await client.secret.get(DAPR_SECRET_STORE, "pubSubName"));
+        newOrderPubSubTopic = JSON.stringify(await client.secret.get(DAPR_SECRET_STORE, "newOrderPubSubTopic"));
+        completeOrderPubSubTopic = JSON.stringify(await client.secret.get(DAPR_SECRET_STORE, "completeOrderPubSubTopic"));
+        stateStoreName = JSON.stringify(await client.secret.get(DAPR_SECRET_STORE, "stateStoreName"));
+
+        isInitialized = true;
+    }
+}
+
 // GET all orders
 app.get("/order", async (req: Request, res: Response) => {
     console.log("Getting all orders");
 
+    if(!isInitialized) {
+        await getSecrets();
+    }
+
     const result = await client.state.query(stateStoreName, {
         filter: {
             "EQ": { "status": "In Progress" }
@@ -51,6 +70,10 @@ app.get("/order/:id", async (req: Request, res: Response) => {
         res.status(400).send("Id is required");
     }
 
+    if (!isInitialized) {
+        await getSecrets();
+    }
+
     console.log(req.params.id);
     const result = await client.state.get(stateStoreName, req.params.id);
     if (result === null || result === undefined || result === "") {
@@ -67,6 +90,10 @@ app.post("/order", async (req: Request, res: Response) => {
         res.status(400).send("Order payload is required");
     }
 
+    if (!isInitialized) {
+        await getSecrets();
+    }
+
     const orderId = uuidv4();
     const order: Order = {
         id: orderId,
@@ -92,6 +119,10 @@ app.put("/order/:id/complete", async (req: Request, res: Response) => {
         res.status(400).send("Order ID is required");
     }
 
+    if (!isInitialized) {
+        await getSecrets();
+    }
+
     const orderId = req.params.id;
 
     const result = await client.pubsub.publish(pubSubName, completeOrderPubSubTopic, orderId);

diff --git a/order-processor/main.go b/order-processor/main.go
@@ -95,7 +95,7 @@ func newOrderEventHandler(ctx context.Context, e *common.TopicEvent) (retry bool
 	}
 
 	fmt.Println("Saving order state: ", orderData.Id)
-	err = client.SaveState(ctx, stateStoreName, "orderprocessor", data, nil)
+	err = client.SaveState(ctx, stateStoreName, orderData.Id, data, nil)
 	if err != nil {
 		log.Printf("error saving order state: %v", err)
 	}